Bug#518122: Security issue in mantis

Steve Kemp Wed, 04 Mar 2009 01:58:36 -0800

Package: mantis
Severity: grave
Tags: security
Version: 1.1.6+dfsg-2

  There's a security issue in the mantis version in lenny, at least,
 which allows registered users to run commands on the server.


  Details here:

    http://secunia.com/advisories/32314/

  Patch here:
    
    
http://mantisbt.svn.sourceforge.net/viewvc/mantisbt/branches/BRANCH_1_1_0/mantisbt/core/utility_api.php?r1=5679&r2=5678&pathrev=5679

Steve
-- 
Stop blog&forum spam
http://blogspam.net/



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#518122: Security issue in mantis

Reply via email to